Skip to content
Snippets Groups Projects
Commit 4b88ee0a authored by Andreas Åkre Solberg's avatar Andreas Åkre Solberg
Browse files

Adding namequalifier in the shibboleth 1.3 idp 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@289 44740490-163a-0410-bde0-09ae8108e29a
parent 93ce856a
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+ 5
4
View file @ 4b88ee0a
...@@ -277,13 +277,15 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse { ...@@ -277,13 +277,15 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
$audience = isset($spmd['audience']) ? $spmd['audience'] : $spentityid; $audience = isset($spmd['audience']) ? $spmd['audience'] : $spentityid;
$base64 = isset($spmd['base64attributes']) ? $spmd['base64attributes'] : false; $base64 = isset($spmd['base64attributes']) ? $spmd['base64attributes'] : false;
$namequalifier = isset($spmd['NameQualifier']) ? $spmd['NameQualifier'] : $spmd['entityid'];
$encodedattributes = ''; $encodedattributes = '';
if (is_array($attributes)) { if (is_array($attributes)) {
$encodedattributes .= '<AttributeStatement> $encodedattributes .= '<AttributeStatement>
<Subject> <Subject>
<NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier">' . htmlspecialchars($nameid) . '</NameIdentifier> <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier" NameQualifier="' . htmlspecialchars($namequalifier) . '">' . htmlspecialchars($nameid) . '</NameIdentifier>
</Subject>'; </Subject>';
foreach ($attributes AS $name => $value) { foreach ($attributes AS $name => $value) {
...@@ -321,14 +323,13 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse { ...@@ -321,14 +323,13 @@ class SimpleSAML_XML_Shib13_AuthnResponse extends SimpleSAML_XML_AuthnResponse {
<AuthenticationStatement AuthenticationInstant="' . $issueInstant. '" <AuthenticationStatement AuthenticationInstant="' . $issueInstant. '"
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified"> AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
<Subject> <Subject>
<NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier">' . htmlspecialchars($nameid) . '</NameIdentifier> <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier" NameQualifier="' . htmlspecialchars($namequalifier) . '">' . htmlspecialchars($nameid) . '</NameIdentifier>
<SubjectConfirmation> <SubjectConfirmation>
<ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod>
</SubjectConfirmation> </SubjectConfirmation>
</Subject> </Subject>
</AuthenticationStatement> </AuthenticationStatement>
' . $encodedattributes . '
' . $encodedattributes . '
</Assertion> </Assertion>
</Response>'; </Response>';
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment